Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
File:                     2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft (raw, json)
Hash identifier:          BxwAsyEtB3NYSIaZJxa7Z/9oCA9weKM9K6Z/o4bzF0Q=
Subject key identifier:   6D:C5:95:6E:EA:28:D7:D3:97:A4:00:F4:55:B6:56:87:8B:CC:DC:8D
Authority key identifier: D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA
Certificate issuer:       /CN=d9b22811df86123d71af5b998a210c23eb1d5efa
Certificate serial:       0199FBEBDB046E9EB1FD676E95EFE85B9C9B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
Manifest number:          101F
Signing time:             Sun 19 Oct 2025 10:02:42 +0000
Manifest this update:     Sun 19 Oct 2025 10:02:42 +0000
Manifest next update:     Mon 20 Oct 2025 10:02:42 +0000
Files and hashes:         1: 2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl (hash: m8Z67JeGpqPOJhFDYYRWoG2tagoYySkz1TAOPrZWQ0g=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:fb:eb:db:04:6e:9e:b1:fd:67:6e:95:ef:e8:5b:9c:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d9b22811df86123d71af5b998a210c23eb1d5efa
        Validity
            Not Before: Oct 19 10:02:42 2025 GMT
            Not After : Oct 20 10:02:42 2025 GMT
        Subject: CN=6dc5956eea28d7d397a400f455b656878bccdc8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:3b:5e:13:75:a2:85:d3:ca:9c:5a:1c:71:fd:
                    a1:a9:d7:1e:c2:dc:a1:07:ea:d1:c6:d5:ed:dd:73:
                    14:25:57:3b:7e:ab:c2:fb:7c:44:ca:cc:79:6f:20:
                    38:45:1b:ad:4f:39:a9:34:9f:9e:81:66:3a:36:a8:
                    fb:f2:cf:4b:b3:66:2c:ef:1d:4b:52:99:6f:58:d8:
                    de:31:c4:e3:08:74:49:55:6c:cc:72:32:2e:fe:60:
                    4d:55:0f:d8:67:62:7f:51:af:30:99:cf:6b:b8:2b:
                    15:77:df:ca:53:97:2c:0d:84:3a:05:e4:4a:87:e0:
                    c5:0d:ce:0d:28:59:b0:79:26:ca:f3:7e:27:ae:d1:
                    4b:a9:53:f1:a8:6d:28:db:2a:37:50:a6:80:f8:66:
                    a5:07:77:83:6d:60:ce:f2:ca:af:dc:0e:d7:35:21:
                    f4:77:64:01:0e:2b:68:b1:ae:ff:e7:7b:2d:f3:2f:
                    a1:21:60:23:55:63:cd:a1:b2:da:e1:0f:d5:2b:66:
                    de:6b:a5:a4:5b:d0:e7:2b:bf:0a:86:d7:e9:ec:2f:
                    00:7e:f7:33:58:0d:a7:15:09:a9:e5:de:17:4c:38:
                    34:5c:ff:d3:f1:bc:8e:86:18:21:e2:05:9b:55:e3:
                    db:50:1d:e3:8b:18:e7:7d:96:9d:b3:a9:c7:8d:14:
                    d9:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:C5:95:6E:EA:28:D7:D3:97:A4:00:F4:55:B6:56:87:8B:CC:DC:8D
            X509v3 Authority Key Identifier:
                keyid:D9:B2:28:11:DF:86:12:3D:71:AF:5B:99:8A:21:0C:23:EB:1D:5E:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bIoEd-GEj1xr1uZiiEMI-sdXvo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/3f0c29-f112-4d0a-bc24-66cd55fee3f9/1/2bIoEd-GEj1xr1uZiiEMI-sdXvo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         90:be:f1:db:83:6e:fb:a1:2b:20:38:6d:81:76:9b:94:b6:c7:
         6f:1f:6e:d4:9b:bd:a0:4f:11:bc:b3:4a:a9:7f:59:f7:e3:6a:
         dd:79:31:cb:f1:99:24:3e:6a:66:f1:09:d3:c6:3d:f5:d4:1c:
         e4:9d:33:73:d8:59:00:4b:31:05:e3:32:81:de:4b:f5:11:3d:
         0a:f0:96:06:87:35:32:54:f6:97:fd:af:1d:f3:23:4a:96:8a:
         9f:66:ba:e4:e5:18:80:e0:f3:0b:96:81:06:14:91:e2:73:6d:
         b0:6f:b2:d3:73:7c:50:d4:d2:7a:9c:bd:39:cb:54:39:42:76:
         1f:8e:c1:1a:dd:fc:2a:67:8c:e4:87:01:c9:e5:c7:f3:9b:ff:
         e5:d2:67:a8:93:c0:b7:f0:3d:20:89:01:28:d8:ff:55:6e:f9:
         e3:33:03:fc:78:98:41:9f:0e:83:4e:23:07:bf:79:d7:c5:b0:
         34:9a:41:66:c2:3a:3e:49:70:1f:80:5d:d7:cf:e9:ec:d3:16:
         63:f3:20:b5:7e:0e:9b:ef:8f:59:75:64:98:aa:95:f6:99:c9:
         62:8c:c8:d4:f1:0e:7a:29:50:1b:83:e5:41:d2:14:2c:55:5a:
         77:9a:f2:88:08:cf:39:2c:cf:54:ac:64:6a:79:71:db:ff:51:
         ca:e6:d0:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn769sEbp6x/Wdule/oW5ybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjIyODExZGY4NjEyM2Q3MWFmNWI5OThhMjEwYzIzZWIx
ZDVlZmEwHhcNMjUxMDE5MTAwMjQyWhcNMjUxMDIwMTAwMjQyWjAzMTEwLwYDVQQD
Eyg2ZGM1OTU2ZWVhMjhkN2QzOTdhNDAwZjQ1NWI2NTY4NzhiY2NkYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDteE3WihdPKnFoccf2hqdcewtyh
B+rRxtXt3XMUJVc7fqvC+3xEysx5byA4RRutTzmpNJ+egWY6Nqj78s9Ls2Ys7x1L
UplvWNjeMcTjCHRJVWzMcjIu/mBNVQ/YZ2J/Ua8wmc9ruCsVd9/KU5csDYQ6BeRK
h+DFDc4NKFmweSbK834nrtFLqVPxqG0o2yo3UKaA+GalB3eDbWDO8sqv3A7XNSH0
d2QBDitosa7/53st8y+hIWAjVWPNobLa4Q/VK2bea6WkW9DnK78Khtfp7C8Afvcz
WA2nFQmp5d4XTDg0XP/T8byOhhgh4gWbVePbUB3jixjnfZads6nHjRTZVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG3FlW7qKNfTl6QA9FW2VoeLzNyNMB8GA1UdIwQY
MBaAFNmyKBHfhhI9ca9bmYohDCPrHV76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQt
NjZjZDU1ZmVlM2Y5LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8zZjBjMjktZjExMi00ZDBhLWJjMjQtNjZjZDU1ZmVlM2Y5
LzEvMmJJb0VkLUdFajF4cjF1WmlpRU1JLXNkWHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkL7x24Nu
+6ErIDhtgXablLbHbx9u1Ju9oE8RvLNKqX9Z9+Nq3Xkxy/GZJD5qZvEJ08Y99dQc
5J0zc9hZAEsxBeMygd5L9RE9CvCWBoc1MlT2l/2vHfMjSpaKn2a65OUYgODzC5aB
BhSR4nNtsG+y03N8UNTSepy9OctUOUJ2H47BGt38KmeM5IcByeXH85v/5dJnqJPA
t/A9IIkBKNj/VW754zMD/HiYQZ8Og04jB79518WwNJpBZsI6PklwH4Bd18/p7NMW
Y/MgtX4Om++PWXVkmKqV9pnJYozI1PEOeilQG4PlQdIULFVad5ryiAjPOSzPVKxk
anlx2/9RyubQAQ==
-----END CERTIFICATE-----